Ios 无法加载XMLHttpRequesthttps://sandbox.itunes.apple.com/verifyReceipt. 访问控制不允许原点允许原点
苹果似乎不喜欢我的ajax请求。我正在尝试验证应用内购买后PhoneGap应用中的收据Ios 无法加载XMLHttpRequesthttps://sandbox.itunes.apple.com/verifyReceipt. 访问控制不允许原点允许原点,ios,cordova,jquery-mobile,in-app-purchase,mobile-website,Ios,Cordova,Jquery Mobile,In App Purchase,Mobile Website,苹果似乎不喜欢我的ajax请求。我正在尝试验证应用内购买后PhoneGap应用中的收据 // prepare JSON object for Apple /* Retrieve the receipt data from the transaction’s transactionReceipt property (on iOS) or from the receipt file inside the application bundle (on OS X) and encode it using
// prepare JSON object for Apple
/* Retrieve the receipt data from the transaction’s transactionReceipt property (on iOS) or from the receipt file inside the application bundle (on OS X) and encode it using base64 encoding.
Create a JSON object with a single key named receipt-data and the string you created in step 1. Your JSON code should look like this:
{
"receipt-data" : "(receipt bytes here)"
} */
var data = JSON.stringify({
'receipt-data' : btoa(transactionReceipt)
});
if(DEBUG) console.log('Data: ' + data);
var url = 'https://' + (DEBUG ? 'sandbox' : 'buy') + '.itunes.apple.com/verifyReceipt';
if(DEBUG) console.log('URL: ' + url);
// send the POST request
/* Post the JSON object to the App Store using an HTTP POST request. The URL for the store is https://buy.itunes.apple.com/verifyReceipt. */
$.ajax(url, {
type: 'POST',
data: data,
dataType: 'json',
success: function(data) {
console.log('Request returned successfully.');
// parse the response
/*
The response received from the App Store is a JSON object with two keys, status and receipt. It should look something like this:
{
"status" : 0,
"receipt" : { (receipt here) }
}
If the value of the status key is 0, this is a valid receipt. If the value is anything other than 0, this receipt is invalid.
*/
if(data.status === 0)
console.log("Receipt is valid.");
},
error : function(jqXHR, textStatus, errorThrown) {
console.error('Request failed with response code ' + errorThrown);
}
});
我正在使用jQuery,并且:
$(document).bind("mobileinit", function () {
// xss
$.support.cors = true;
$.mobile.allowCrossDomainPages = true;
}
有没有人尝试过通过ajax验证他们的收据,但遇到了这个问题
谢谢
ApacheCordova中的域白名单是一种安全模型
控制对外部域的访问,例如。这个
默认安全策略是阻止所有网络访问
谢谢您的回复!我已经用
*
将所有外部域列为白名单。是否有一种特殊的方式,我需要为苹果启用它?我所有的其他链接都能正常工作(到谷歌分析等等)。好吧,它应该能正常工作。我想知道这是否与http与https有关。我没有尝试过用https做任何事情。这个错误不意味着权限被苹果阻止了吗?我的意思是,这必须起作用,因为每个应用程序都使用它进行IAP验证,但它们应该提供访问控制
标题。也许我需要在我的开发机器上做些什么?